Closed mackrauss closed 9 years ago
Turns out that HttpsURLConnection requires the WWW-Authentication
header being present when a 401 error is returned.
see http://stackoverflow.com/questions/17121213/java-io-ioexception-no-authentication-challenges-found http://stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses http://www.sitepoint.com/understanding-http-digest-access-authentication/
Fixed by commit 097e51980d059f4f7b415bc04fdc4ff6a6591970
Our server is hosting multiple https domains under the same IP address. This was not possible in the past, but is fixed with Server Name Indication (SNI) http://en.wikipedia.org/wiki/Server_Name_Indication
However, both server and client need to support SNI and the Apache HTTP stack in Android does not. http://stackoverflow.com/questions/5879894/android-ssl-sni-support
The goal is to switch to
HttpsURLConnection
instead